Bug 2138195

Summary: adding a port on router for a tenant subnet it get unreachable from the subnet
Product: Red Hat OpenStack Reporter: alisci <alisci>
Component: python-networking-ovnAssignee: Fernando Royo <froyo>
Status: CLOSED CURRENTRELEASE QA Contact: Eran Kuris <ekuris>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 16.2 (Train)CC: apevec, froyo, lhh, majopela, mtomaska, scohen
Target Milestone: ---Keywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-11-24 09:51:03 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description alisci 2022-10-27 14:47:13 UTC 
Description of problem:
issue is sporadic but CU was able to reproduce it different times:
as they create a port in a router for a specific tenant subnet it become unreachable from the same subnet.
They test this by pinging the created router port by a guest VM in the same subnet.
This get self solved and time changes between minutes to hours
at guest VM, L2 seems ok because arp table with the mac for the unreachable router port get filled
they disabled port security on the affected router port during the test


Version-Release number of selected component (if applicable):
OSP 16.2.1 OVN DVR

How reproducible:
it is sporadic 

Steps to Reproduce:
1.add a port on a router for a specific subnet
2.from a guest VM on the same subnet ping the created router port


Actual results:
ping doesn't work 100% packet loss


Expected results:
ping should be ok

Additional info:
as the issue get solved by itself ping become successful 

I'll add the detail of a reproducer of this issue as private on the next comment